Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Google Announces New Additions to Advanced Protection Program

Google this week announced expansions to the Advanced Protection Program, with the addition of Google Nest and support for more types of security keys for iOS users.

With the Advanced Protection Program, the Internet search giant aims to provide the strongest possible Google Account security for individuals at high risk of targeted attacks.

Google this week announced expansions to the Advanced Protection Program, with the addition of Google Nest and support for more types of security keys for iOS users.

With the Advanced Protection Program, the Internet search giant aims to provide the strongest possible Google Account security for individuals at high risk of targeted attacks.

The program is aimed at journalists, activists, business leaders, and people working on elections, but allows anyone to sign up and receive extra safeguards against phishing, malware, and fraudulent access to data.

Over the years, Google rolled out Advanced Protection Program features for many of its services, including GSuite, Google Cloud Platform, Chrome and, most recently, Android, and this week made it available for Google Nest as well, providing its users with an additional layer of security.

“Now people can seamlessly use their Google Accounts with both Advanced Protection and Google Nest devices — previously, a user could use their Google Account on only one of these at a time,” Google announced.

Also this week, the company started pushing native support for the W3C WebAuthn implementation for Google accounts on devices running iOS 13.3 and newer versions, for both personal and work Google accounts.

The new capability, the company says, allows the owners of iOS devices to use more types of security keys for Google Account and the Advanced Protection Program.

These include the USB-A and Bluetooth Titan Security Keys (both of which have NFC functionality built-in), Lightning security keys such as the YubiKey 5Ci or any USB security key (for those with an Apple Lightning to USB camera adapter), and USB-C security keys (on iOS devices with a USB-C port, such as an iPad Pro).

Google also suggests that users install the Smart Lock app, which allows them to use Bluetooth security keys and their phone’s built-in security key, so that their iPhones become additional security keys for their Google accounts.

“We highly recommend users at a higher risk of targeted attacks to get security keys (such as Titan Security Key or your Android or iOS phone) and enroll into the Advanced Protection Program. If you’re working for political committees in the United States, you may be eligible to request free Titan Security Keys through the Defending Digital Campaigns to get help enrolling into Advanced Protection,” Google notes.

iOS users can take advantage of the security keys for any site where FIDO security keys are supported for 2FA, such as Google Account, 1Password, Bitbucket, Bitfinex, Coinbase, Dropbox, Facebook, GitHub, Salesforce, Stripe, Twitter, and more.

Related: Google Simplifies Enrollment Process for Advanced Protection Program

Related: Google Open Sources Code for Security Key Devices

Related: Apple Joins FIDO Alliance

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.